Daily Dothttp://www.dailydot.com/Daily Dot Articleen-usFri, 15 Feb 2013 16:21:32 +0000China's Uyghur minority targeted by Mac malware attackshttp://www.dailydot.com/society/china-uyghur-minority-mac-malware/<p><img src='//cdn0.dailydot.com/cache/cc/5d/cc5dcdc30ed6f7575c8f21b14929db13.jpg'></p><p>
A Muslim minority living in China&rsquo;s far west has become the target of malware attacks that take advantage of a security hole in the Mac version of Microsoft Office.</p>
<p>
Costin Raiu of computer security firm Kaspersky Labs posted a report on <a href="https://www.securelist.com/en/blog/208194116/Cyber_Attacks_Against_Uyghur_Mac_OS_X_Users_Intensify">SecureList</a>, in conjunction with <a href="http://labs.alienvault.com/labs/index.php/2013/cyber-espionage-campaign-against-the-uyghur-community-targeting-macosx-systems/">AlienVault Labs</a>, that indicated members of the Muslim Uyghur ethnic group using Apple&rsquo;s Mac OS X are suffering an increasing number of cyberattacks.</p>
<p>
As long ago as <a href="https://www.securelist.com/en/blog/208193616/New_MacOS_X_backdoor_variant_used_in_APT_attacks">last June</a>, Uyghur groups were noted to have been targeted, and the problem appears to have worsened recently.</p>
<p>
&ldquo;During the past months,&rdquo; Raiu wrote, &ldquo;we&rsquo;ve monitored a series of targeted attacks against Uyghur supporters, most notably against the <a href="http://www.uyghurcongress.org/en/">World Uyghur Congress</a>... Although some of these attacks were observed during 2012, we&rsquo;ve noticed a significant spike in the number of attacks during Jan 2013 and Feb 2013, indicating the attackers are extremely active at the moment.&ldquo;</p>
<p>
</p>
<p>
The attacks apparently use poisioned Microsoft Word documents to exploit a Microsoft Office vulnerability.</p>
<p>
Victims are targeted via email, with messages that appear to include a relevant attachment, sometimes a Word document entitled &ldquo;Concerns Over Uyghur People&rsquo;s Fundamental Rights Under The New Chinese Leadership,&rdquo; other times masquerading as a white paper.</p>
<p>
When the victim clicks on the attachment, the malware installs a backdoor on the target machine, giving whoever is perpetrating these attacks full remote access to the machine.</p>
<p>
Last year, prior to the Uyghur attacks, Kaspersky discovered Mac OS X vulnerabilities being exploited <a href="https://www.securelist.com/en/blog/208193470/New_Version_of_OSX_SabPub_Confirmed_Mac_APT_attacks">against Tibetan activists</a>.</p>
<p>
The fact that both Tibetan and Uyghur activists are critical of the Chinese government does not prove the hackers are Chinese, but it is certainly a possibility.</p>
<p>
<em>Photo by <a href="http://www.flickr.com/photos/rickyqi/4966812836/">Ricky Qi/Flickr</a></em></p>
curt@dailydot.com (Curt Hopkins)Fri, 15 Feb 2013 16:21:32 +0000http://www.dailydot.com/society/china-uyghur-minority-mac-malware/Society